<?
//Load phpbb external class
define('IN_PHPBB', true);
$phpbb_root_path = './forum/';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
require_once("phpbb.class.php");
$phpbb = new phpbb($phpbb_root_path);


$phpbb_action = @$_REQUEST["op"];
//***************************************************************
//parameters used at class construction
//first parameter = absoulute physical path of the phpbb 3 forum ($phpbb_root_path variable)
//second parameter = php scripts extensions ($phpEx variable)

$user->session_begin();
$auth->acl($user->data);
$user->setup();


//Check to make sure we have _POST data to handle
if(isset($_POST['action'])) {

	//Handle POST data
	switch($_POST['action']) {
	
		//User is logging in
		case "doLogin":
			$pvars = array("username" => addslashes($_POST['user']),
						"password" => addslashes($_POST['pass']));
			$presult = $phpbb->user_login($pvars);
			echo $presult;
		break;
		
		//User is logging out
		case "doLogout":
			$pResult = $phpbb->user_logout();
			echo $pResult;
		break;
		
		//User is registering
		case "doRegistration":
			$username = addslashes($_POST['user']);
			$email = addslashes($_POST['email']);
			//Assign data to var array
		   $phpbb_vars = array(
			"username" => addslashes($_POST['user']), 
			"password" => addslashes($_POST['pass']), 
			"user_email" => addslashes($_POST['email']),
			"group_id" => 4					
			);
			
        	$phpbb_result = $phpbb->user_add($phpbb_vars); 
			
			//Create custom profile fields
			if($phpbb_result == "SUCCESS") {
				//Select new userid
				$sql = "SELECT user_id FROM `phpbb_users` WHERE username = '$username' AND user_email = '$email'";
				$q = $db->sql_query($sql);
				$row = $db->sql_fetchrow($q);
				$uid = $row['user_id'];
				
				//Create custom row in tables: users
				$s = "INSERT INTO `users` (id) values('$uid')";
				$q = $db->sql_query($s);
				
			}
			echo $phpbb_result;
	   break;
		/*
			Handler to check and see if username is available
			Location: register.php
		*/
		case "verifyUsername":
			$user = addslashes($_POST['user']);
			$userCountSQL = $db->sql_query("SELECT * FROM `phpbb_users` WHERE `username` LIKE '".$user."'");
			
		//Count number of news items
		$userCount = $db->sql_affectedrows();
		
		//Send OK signal to jquery script if no other users exist with this name
		if ( $userCount == 0 )
			echo "OK";
		else
			echo "0";
		break;
		/*
			Save Profile Handler
			Location: profile.php
		*/
		case "saveProfile":
			$o = json_decode(urldecode($_POST['data']));
			
			var_dump($o);
			//$o->birthday = date("j- n-Y",strtotime($o->birthday));
			//Save phpbb fields
			//website, location, occupation, interests, birthday, aim/icq/msn/yahoo/jabber
			$sql = "UPDATE `phpbb_users` SET "
					."`user_from` = '$o->location',"
					."`user_website` = '$o->website',"
					."`user_interests` = '$o->interests',"
					."`user_occ` = '{$o->position} at {$o->employer}',"
					."`user_birthday` = '$o->birthday' "
					."WHERE `user_id` = '".$user->data['user_id']."'";
			$execQuery = $db->sql_query($sql);
			$queryResult = $db->sql_affectedrows();
			echo $queryResult;
			
			$gradYear = date('Y-m-d',strtotime($o->gradyear));
			//Flags for checkboxes
			$u_deg = ($o->deg_u == "true") ? 1 : 0;
			$g_deg = ($o->deg_g == "true") ? 1 : 0;
			$d_deg = ($o->deg_d == "true") ? 1 : 0;
			$datestarted = date('Y-m-d H:i:s', strtotime($o->e_started));
			//Save custom profile fields
			$sql = "UPDATE `users` SET "
					."`name` = '$o->name', "
					."`YearGrad` = '$gradYear', "
					."`Department` = '$o->department', "
					."`Concentration` = '$o->concentration', "
					."`Degree_Undergrad` = '$u_deg', "
					."`Degree_Grad` = '$g_deg', "
					."`Degree_Phd` = '$d_deg', "
					."`e_name` = '$o->e_employer', "
					."`e_location` = '$o->e_location', "
					."`e_datestarted` = '$datestarted', "
					."`e_title` = '$o->e_position', "
					."`e_department` = '$o->e_dept', "
					."`e_website` = '$o->e_website' "
					."WHERE `id` = '".$user->data['user_id']."'";
			
			$execQuery = $db->sql_query($sql);
			$queryResult = $db->sql_affectedrows();
			echo $queryResult;
			
			
			
			
			$execQuery = $db->sql_query($sql);
			$queryResult = $db->sql_affectedrows();
			echo $queryResult;
			
			//Look for users company row
			$sql = "SELECT * FROM `UserInCompany` WHERE user_id = '".$user->data['user_id']."'";
			$q = $db->sql_query($sql);
			$row = $db->sql_fetchrow($q);
			
			//Create 
			if ( $db->sql_affectedrows() == 0 ) {
			
			}
			
		break;
		case "confirmFriend":
			$fID = $_POST['friendId'];
			$sql = "UPDATE `Friends` SET status = 'confirmed' WHERE `User1_id` = '$fID' AND `user2_id` = '".$user->data['user_id']."'";
			$eQuery = $db->sql_query($sql);
			$count = $db->sql_affectedrows();
			if($count == 1)
				echo "OK";
			else
				echo "Error";
		break;
		
		case "addFriend":
			$fID = $_POST['friendID'];
			$sql = "INSERT INTO Friends(User1_id, user2_id, status, Date) values('".$user->data['user_id']."', '$fID', 'unconfirmed', now())";
			$q = $db->sql_query($sql);
			$c = $db->sql_affectedrows();
			if($c == 1)
				echo "OK";
			else
				echo "Error";
	}
}



?>